Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_wJd3J2gdCEugzmUns8cMJksDPw.roa
File: _wJd3J2gdCEugzmUns8cMJksDPw.roa (raw, json)
Hash identifier: sHl/q4QcEORNc1SwshTDFP1bRatJ1P1jDlzkrUntUxU=
Subject key identifier: FF:02:5D:DC:9D:A0:74:21:2E:83:39:94:9E:CF:1C:30:99:2C:0C:FC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0193EAA63028B8450D2B205CC0D90CAEA9F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_wJd3J2gdCEugzmUns8cMJksDPw.roa
Signing time: Sat 21 Dec 2024 19:16:20 +0000
ROA not before: Sat 21 Dec 2024 19:16:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.21.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.225.0.0/23 maxlen: 23
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.58.146.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Dec 2024 15:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:a6:30:28:b8:45:0d:2b:20:5c:c0:d9:0c:ae:a9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 21 19:16:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff025ddc9da074212e8339949ecf1c30992c0cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a4:28:1e:cd:dc:dc:98:f9:7e:a8:7d:d7:9d:
b9:6b:54:a7:7a:74:85:f8:a9:b7:e3:ef:0f:1c:8a:
dd:d0:4d:fb:7a:a5:75:a1:64:e6:2c:49:43:08:28:
58:2a:fe:5f:e8:1d:0b:93:b8:6a:45:f6:07:db:a3:
c9:1f:da:8f:12:1e:6c:69:90:d5:65:da:68:c9:41:
69:1e:21:08:8c:51:9e:50:fb:cb:48:86:d1:1d:c6:
8b:12:da:da:64:d5:4e:c3:23:50:e5:c4:6d:51:b0:
bf:71:43:52:20:d8:c7:f9:b9:3f:f7:92:ea:fe:90:
8f:b7:55:5b:75:ab:b7:6e:6f:15:64:77:34:2e:3b:
67:34:2c:7f:03:5f:b5:b6:78:e2:bf:d0:91:05:a0:
20:a6:28:03:c4:64:03:21:b4:a5:51:9d:02:b7:ea:
70:a0:80:4f:41:12:61:47:7d:5e:08:32:49:1c:95:
c6:0d:39:b8:8b:8b:1f:bf:6b:3b:89:d1:db:cf:0b:
f4:35:bd:a9:23:4b:59:b9:64:ec:6a:c2:63:76:77:
0f:ab:65:17:db:49:3a:63:ae:4a:56:b8:3d:e1:bd:
f8:26:bd:1a:99:00:05:3e:40:c8:69:43:bb:b2:0c:
f1:91:a6:7a:75:b4:bd:0a:40:8b:f2:7b:b6:e5:c2:
00:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:02:5D:DC:9D:A0:74:21:2E:83:39:94:9E:CF:1C:30:99:2C:0C:FC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_wJd3J2gdCEugzmUns8cMJksDPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.126.82.0/24
185.220.250.0/23
185.225.0.0/23
185.227.146.0/23
185.234.22.0/24
193.8.112.0/23
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:27:7e:0e:b4:e1:42:0b:c0:f6:c7:d3:f4:50:4d:65:9b:6e:
69:9a:0a:23:b5:49:3d:27:f3:6b:77:ba:d6:23:71:81:50:b5:
a3:f0:c4:99:86:e4:e8:e5:ab:a8:dc:b7:a8:b5:0f:94:cb:0d:
96:74:f0:df:40:64:80:30:9b:f1:fa:5a:a0:77:a1:a4:bf:2d:
14:26:3e:0c:5b:7b:67:a9:29:57:ae:cd:de:b5:12:34:bc:b5:
dd:c5:69:f0:c6:e1:ce:79:21:87:4c:c1:bd:a3:3b:b1:22:fe:
bd:a3:a5:29:5e:8d:82:e5:51:27:b4:52:37:a2:3c:f2:d2:9d:
9c:47:98:1a:2b:52:37:3c:53:e8:60:8f:44:13:95:72:96:51:
24:05:5a:f3:9f:81:eb:01:08:c0:06:dd:86:24:ba:55:e0:cc:
af:f3:40:96:38:41:02:da:f3:82:99:0d:f8:09:44:05:86:a1:
20:05:78:b0:81:08:4f:89:bc:5a:0c:b3:a6:07:6e:59:0e:5f:
a1:d5:f9:79:af:7f:bd:06:5e:ba:32:46:4e:08:a1:dc:76:92:
59:1b:f1:70:37:b8:36:29:b3:6d:2f:9d:f3:b3:5a:52:72:3a:
1c:b3:4d:7b:42:18:eb:83:98:f7:d2:6a:87:3f:f9:bd:b9:4e:
72:cf:0e:47
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZPqpjAouEUNKyBcwNkMrqnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMjIxMTkxNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjAyNWRkYzlkYTA3NDIxMmU4MzM5OTQ5ZWNmMWMzMDk5MmMwY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKQoHs3c3Jj5fqh91525a1SnenSF
+Km34+8PHIrd0E37eqV1oWTmLElDCChYKv5f6B0Lk7hqRfYH26PJH9qPEh5saZDV
ZdpoyUFpHiEIjFGeUPvLSIbRHcaLEtraZNVOwyNQ5cRtUbC/cUNSINjH+bk/95Lq
/pCPt1Vbdau3bm8VZHc0LjtnNCx/A1+1tnjiv9CRBaAgpigDxGQDIbSlUZ0Ct+pw
oIBPQRJhR31eCDJJHJXGDTm4i4sfv2s7idHbzwv0Nb2pI0tZuWTsasJjdncPq2UX
20k6Y65KVrg94b34Jr0amQAFPkDIaUO7sgzxkaZ6dbS9CkCL8nu25cIAvwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFP8CXdydoHQhLoM5lJ7PHDCZLAz8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX3dKZDNKMmdkQ0V1Z3ptVW5zOGNNSmtzRFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQA
uX5SAwQBudz6AwQBueEAAwQBueOSAwQAueoWAwQBwQhwAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQALJ34OtOFCC8D2x9P0UE1lm25pmgojtUk9J/Nrd7rWI3GBULWj
8MSZhuTo5auo3LeotQ+Uyw2WdPDfQGSAMJvx+lqgd6Gkvy0UJj4MW3tnqSlXrs3e
tRI0vLXdxWnwxuHOeSGHTMG9ozuxIv69o6UpXo2C5VEntFI3ojzy0p2cR5gaK1I3
PFPoYI9EE5VyllEkBVrzn4HrAQjABt2GJLpV4Myv80CWOEEC2vOCmQ34CUQFhqEg
BXiwgQhPibxaDLOmB25ZDl+h1fl5r3+9Bl66MkZOCKHcdpJZG/FwN7g2KbNtL53z
s1pScjocs017Qhjrg5j30mqHP/m9uU5yzw5H
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:10:33 2025 by rpki-client